1 /*
2  * Copyright (c) 2019,2020 Linaro Limited
3  *
4  * SPDX-License-Identifier: Apache-2.0
5  */
6 
7 #include <stdarg.h>
8 
9 #include "psa/error.h"
10 
11 #ifdef __cplusplus
12 extern "C" {
13 #endif
14 
15 /** Maximum buffer size for an initial attestation token instance. */
16 #define ATT_MAX_TOKEN_SIZE (0x240)
17 
18 /**
19  * @brief Gets the public key portion of the attestation service's securely
20  *        stored key pair. This public key can be provided to external
21  *        verification services for device verification purposes.
22  *
23  * @return Returns error code as specified in \ref psa_status_t
24  */
25 psa_status_t att_get_pub_key(void);
26 
27 /**
28  * @brief Gets an initial attestation token (IAT) from the TF-M secure
29  *        processing environment (SPE). The token is provided in CBOR format
30  *        and is signed (not encrypted) using the private key held on the SPE.
31  *
32  * The initial attestation token (IAT) is composed of a series of 'claims' or
33  * data points used to uniquely identify this device to an external
34  * verification entity (the IAT consumer).
35  *
36  * The generated IAT should be cryptographically verifiable by the IAT consumer.
37  *
38  * For details on IAT see https://tools.ietf.org/html/draft-mandyam-eat-01
39  *
40  * @param ch_buffer     Pointer to the buffer containing the nonce or
41  *                      challenge data to be included in the signed token.
42  * @param ch_sz         The number of bytes in the challenge. 32, 48 or 64.
43  * @param token_buffer  Pointer to the buffer where the IAT will be written.
44  *                      Must be equal in size to the system IAT output, which
45  *                      can be determined via a call to
46  *                      'psa_initial_attest_get_token_size'.
47  * @param token_sz      Pointer to the size of token_buffer. This value is
48  *                      updated by this function to contain the number of bytes
49  *                      actually retrieved during the IAT request.
50  *
51  * @return Returns error code as specified in \ref psa_status_t
52  */
53 psa_status_t att_get_iat(uint8_t *ch_buffer, uint32_t ch_sz,
54 			 uint8_t *token_buffer, uint32_t *token_sz);
55 
56 /**
57  * @brief TODO!
58  *
59  * @return Returns error code as specified in \ref psa_status_t
60  */
61 psa_status_t att_test(void);
62 
63 #ifdef __cplusplus
64 }
65 #endif
66